@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { if (resourceInfo.getResourceMethod().getAnnotation(DateRequired.class) != null) { context.register(DateNotSpecifiedFilter.class); } } }
public MeteredMetricsFilter(MetricRegistry metricRegistry, ResourceInfo resourceInfo) { final Metered annotation = resourceInfo.getResourceMethod().getAnnotation(Metered.class); meter = metricRegistry.meter(chooseName(annotation.name(), annotation.absolute(), resourceInfo.getResourceMethod())); } @Override
public TimedMetricsFilter(MetricRegistry metricRegistry, ResourceInfo resourceInfo) { final Timed annotation = resourceInfo.getResourceMethod().getAnnotation(Timed.class); timer = metricRegistry.timer(chooseName(annotation.name(), annotation.absolute(), resourceInfo.getResourceMethod())); }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final Class<?> resourceClass = resourceInfo.getResourceClass(); final Method resourceMethod = resourceInfo.getResourceMethod(); if (serverStatus.hasCapability(ServerStatus.Capability.MASTER)) return; if (resourceMethod.isAnnotationPresent(RestrictToMaster.class) || resourceClass.isAnnotationPresent(RestrictToMaster.class)) { context.register(restrictToMasterFilter); } } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { if (resourceInfo.getResourceClass().getName().indexOf("scouterx.") == 0) { if (resourceInfo.getResourceMethod().getAnnotation(NoAuth.class) == null) { context.register(AuthFilter.class); } } } }
public ExceptionMeteredMetricsFilter(MetricRegistry metricRegistry, ResourceInfo resourceInfo) { final ExceptionMetered annotation = resourceInfo.getResourceMethod().getAnnotation(ExceptionMetered.class); meter = metricRegistry.meter(chooseName(annotation.name(), annotation.absolute(), resourceInfo.getResourceMethod(), ExceptionMetered.DEFAULT_NAME_SUFFIX)); exceptionClass = annotation.cause(); }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { List<Annotation> authzSpecs = new ArrayList<Annotation>(); for (Class<? extends Annotation> annotationClass : shiroAnnotations) { // XXX What is the performance of getAnnotation vs getAnnotations? Annotation classAuthzSpec = resourceInfo.getResourceClass().getAnnotation(annotationClass); Annotation methodAuthzSpec = resourceInfo.getResourceMethod().getAnnotation(annotationClass); if (classAuthzSpec != null) authzSpecs.add(classAuthzSpec); if (methodAuthzSpec != null) authzSpecs.add(methodAuthzSpec); } if (!authzSpecs.isEmpty()) { context.register(new AnnotationAuthorizationFilter(authzSpecs), Priorities.AUTHORIZATION); } }
@Override public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) { final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); // check to see if it has cache control annotation final CacheControl cc = am.getAnnotation(CacheControl.class); if (cc != null) { configuration.register(new CacheControlledResponseFilter(cc)); } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final Method resourceMethod = resourceInfo.getResourceMethod(); if (resourceMethod.isAnnotationPresent(Timed.class)) { LOG.debug("Setting up filter for Timed resource method: {}#{}", resourceInfo.getResourceClass().getCanonicalName(), resourceMethod.getName()); context.register(new TimedMetricsFilter(metricRegistry, resourceInfo)); } if (resourceMethod.isAnnotationPresent(Metered.class)) { LOG.debug("Setting up filter for Metered resource method: {}#{}", resourceInfo.getResourceClass().getCanonicalName(), resourceMethod.getName()); context.register(new MeteredMetricsFilter(metricRegistry, resourceInfo)); } if (resourceMethod.isAnnotationPresent(ExceptionMetered.class)) { LOG.debug("Setting up filter for ExceptionMetered resource method: {}#{}", resourceInfo.getResourceClass().getCanonicalName(), resourceMethod.getName()); context.register(new ExceptionMeteredMetricsFilter(metricRegistry, resourceInfo)); } } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final Class<?> resourceClass = resourceInfo.getResourceClass(); final Method resourceMethod = resourceInfo.getResourceMethod(); context.register(ShiroSecurityContextFilter.class); if (resourceMethod.isAnnotationPresent(RequiresAuthentication.class) || resourceClass.isAnnotationPresent(RequiresAuthentication.class)) { if (resourceMethod.isAnnotationPresent(RequiresGuest.class)) { LOG.debug("Resource method {}#{} is marked as unauthenticated, skipping setting filter."); } else { LOG.debug("Resource method {}#{} requires an authenticated user.", resourceClass.getCanonicalName(), resourceMethod.getName()); context.register(new ShiroAuthenticationFilter()); } } if (resourceMethod.isAnnotationPresent(RequiresPermissions.class) || resourceClass.isAnnotationPresent(RequiresPermissions.class)) { RequiresPermissions requiresPermissions = resourceClass.getAnnotation(RequiresPermissions.class); if (requiresPermissions == null) { requiresPermissions = resourceMethod.getAnnotation(RequiresPermissions.class); } LOG.debug("Resource method {}#{} requires an authorization checks.", resourceClass.getCanonicalName(), resourceMethod.getName()); context.register(new ShiroAuthorizationFilter(requiresPermissions)); } // TODO this is the wrong approach, we should have an Environment and proper request wrapping context.register((ContainerResponseFilter) (requestContext, responseContext) -> ThreadContext.unbindSubject()); } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final Require va = resourceInfo.getResourceMethod().getAnnotation(Require.class); if (va != null) { context.register(new CustomHeaderFilter(va.headerName(), va.headerValue())); } } }
/** * Invoked prior to request invocation during {@link ContainerRequestFilter#filter(ContainerRequestContext)} * where the resource info was injected from context. * * <p>Adds the tags {@link #RESOURCE_CLASS} and {@link #RESOURCE_METHOD}. Override or use {@link #NOOP} * to change this behavior. */ protected void resourceInfo(ResourceInfo resourceInfo, SpanCustomizer customizer) { customizer.tag(RESOURCE_CLASS, resourceInfo.getResourceClass().getSimpleName()); customizer.tag(RESOURCE_METHOD, resourceInfo.getResourceMethod().getName()); }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); final Annotation[][] parameterAnnotations = am.getParameterAnnotations(); final Class<?>[] parameterTypes = am.getParameterTypes();
Method resourceMethod = resourceInfo.getResourceMethod(); List<Role> methodRoles = extractRoles(resourceMethod);
@Override public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) { AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); // RolesAllowed on the method takes precedence over PermitAll RolesAllowed ra = am.getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(AuthCheckFilter.INSTANCE); return; } // PermitAll takes precedence over RolesAllowed on the class if (am.isAnnotationPresent(PermitAll.class)) { // Do nothing. return; } // RolesAllowed on the class takes precedence over PermitAll ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(AuthCheckFilter.INSTANCE); } }
@Override public void configure(ResourceInfo resourceInfo, FeatureContext context) { final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); final Annotation[][] parameterAnnotations = am.getParameterAnnotations(); final Class<?>[] parameterTypes = am.getParameterTypes(); // First, check for any @Auth annotations on the method. for (int i = 0; i < parameterAnnotations.length; i++) { for (final Annotation annotation : parameterAnnotations[i]) { if (annotation instanceof Auth) { // Optional auth requires that a concrete AuthFilter be provided. if (parameterTypes[i].equals(Optional.class) && authFilter != null) { context.register(new WebApplicationExceptionCatchingFilter(authFilter)); return; } else { registerAuthFilter(context); return; } } } } // Second, check for any authorization annotations on the class or method. // Note that @DenyAll shouldn't be attached to classes. final boolean annotationOnClass = (resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class) != null) || (resourceInfo.getResourceClass().getAnnotation(PermitAll.class) != null); final boolean annotationOnMethod = am.isAnnotationPresent(RolesAllowed.class) || am.isAnnotationPresent(DenyAll.class) || am.isAnnotationPresent(PermitAll.class); if (annotationOnClass || annotationOnMethod) { registerAuthFilter(context); } }
@Override public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) { final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); // DenyAll on the method take precedence over RolesAllowed and PermitAll if (am.isAnnotationPresent(DenyAll.class)) { configuration.register(new RolesAllowedRequestFilter()); return; } // RolesAllowed on the method takes precedence over PermitAll RolesAllowed ra = am.getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(new RolesAllowedRequestFilter(ra.value())); return; } // PermitAll takes precedence over RolesAllowed on the class if (am.isAnnotationPresent(PermitAll.class)) { // Do nothing. return; } // DenyAll can't be attached to classes // RolesAllowed on the class takes precedence over PermitAll ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(new RolesAllowedRequestFilter(ra.value())); } }
@Override public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) { final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod()); // DenyAll on the method take precedence over RolesAllowed and PermitAll if (am.isAnnotationPresent(DenyAll.class)) { configuration.register(new RolesAllowedRequestFilter()); return; } // RolesAllowed on the method takes precedence over PermitAll RolesAllowed ra = am.getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(new RolesAllowedRequestFilter(ra.value())); return; } // PermitAll takes precedence over RolesAllowed on the class if (am.isAnnotationPresent(PermitAll.class)) { // Do nothing. return; } // DenyAll can't be attached to classes // RolesAllowed on the class takes precedence over PermitAll ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class); if (ra != null) { configuration.register(new RolesAllowedRequestFilter(ra.value())); } }
requestContext.setSecurityContext(securityContext); } else { Method method = resourceInfo.getResourceMethod(); if (!method.isAnnotationPresent(PermitAll.class)) { Response.ResponseBuilder responseBuilder = Response.status(Response.Status.UNAUTHORIZED);
@Override public void filter(ContainerRequestContext containerRequestContext) { AuthNimbusOp annotation = resourceInfo.getResourceMethod().getAnnotation(AuthNimbusOp.class); if (annotation == null) { return;